package org.apereo.cas.config;

import com.yubico.u2f.U2F;
import org.apereo.cas.CentralAuthenticationService;
import org.apereo.cas.adaptors.u2f.storage.U2FDeviceRepository;
import org.apereo.cas.adaptors.u2f.web.U2FRegisteredDevicesEndpoint;
import org.apereo.cas.adaptors.u2f.web.flow.U2FAccountCheckRegistrationAction;
import org.apereo.cas.adaptors.u2f.web.flow.U2FAccountSaveRegistrationAction;
import org.apereo.cas.adaptors.u2f.web.flow.U2FAuthenticationWebflowAction;
import org.apereo.cas.adaptors.u2f.web.flow.U2FAuthenticationWebflowEventResolver;
import org.apereo.cas.adaptors.u2f.web.flow.U2FMultifactorTrustedDeviceWebflowConfigurer;
import org.apereo.cas.adaptors.u2f.web.flow.U2FMultifactorWebflowConfigurer;
import org.apereo.cas.adaptors.u2f.web.flow.U2FStartAuthenticationAction;
import org.apereo.cas.adaptors.u2f.web.flow.U2FStartRegistrationAction;
import org.apereo.cas.audit.AuditableExecution;
import org.apereo.cas.authentication.AuthenticationServiceSelectionPlan;
import org.apereo.cas.authentication.AuthenticationSystemSupport;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.ticket.registry.TicketRegistry;
import org.apereo.cas.ticket.registry.TicketRegistrySupport;
import org.apereo.cas.trusted.config.MultifactorAuthnTrustConfiguration;
import org.apereo.cas.web.cookie.CasCookieBuilder;
import org.apereo.cas.web.flow.CasWebflowConfigurer;
import org.apereo.cas.web.flow.CasWebflowExecutionPlanConfigurer;
import org.apereo.cas.web.flow.resolver.CasWebflowEventResolver;
import org.apereo.cas.web.flow.resolver.impl.CasWebflowEventResolutionConfigurationContext;
import org.apereo.cas.web.flow.util.MultifactorAuthenticationWebflowUtils;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.actuate.autoconfigure.endpoint.condition.ConditionalOnAvailableEndpoint;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;
import org.springframework.webflow.config.FlowDefinitionRegistryBuilder;
import org.springframework.webflow.definition.registry.FlowDefinitionRegistry;
import org.springframework.webflow.engine.builder.support.FlowBuilderServices;
import org.springframework.webflow.execution.Action;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@Configuration("u2FWebflowConfiguration")
/* loaded from: input_file:org/apereo/cas/config/U2FWebflowConfiguration.class */
public class U2FWebflowConfiguration {
    private static final int WEBFLOW_CONFIGURER_ORDER = 100;

    @Autowired
    private CasConfigurationProperties casProperties;

    @Autowired
    @Qualifier("loginFlowRegistry")
    private ObjectProvider<FlowDefinitionRegistry> loginFlowDefinitionRegistry;

    @Autowired
    private ObjectProvider<FlowBuilderServices> flowBuilderServices;

    @Autowired
    @Qualifier("u2fDeviceRepository")
    private ObjectProvider<U2FDeviceRepository> u2fDeviceRepository;

    @Autowired
    private ConfigurableApplicationContext applicationContext;

    @Autowired
    @Qualifier("authenticationServiceSelectionPlan")
    private ObjectProvider<AuthenticationServiceSelectionPlan> authenticationRequestServiceSelectionStrategies;

    @Autowired
    @Qualifier("centralAuthenticationService")
    private ObjectProvider<CentralAuthenticationService> centralAuthenticationService;

    @Autowired
    @Qualifier("defaultAuthenticationSystemSupport")
    private ObjectProvider<AuthenticationSystemSupport> authenticationSystemSupport;

    @Autowired
    @Qualifier("defaultTicketRegistrySupport")
    private ObjectProvider<TicketRegistrySupport> ticketRegistrySupport;

    @Autowired
    @Qualifier("servicesManager")
    private ObjectProvider<ServicesManager> servicesManager;

    @Autowired
    @Qualifier("registeredServiceAccessStrategyEnforcer")
    private ObjectProvider<AuditableExecution> registeredServiceAccessStrategyEnforcer;

    @Autowired
    @Qualifier("warnCookieGenerator")
    private ObjectProvider<CasCookieBuilder> warnCookieGenerator;

    @Autowired
    @Qualifier("ticketRegistry")
    private ObjectProvider<TicketRegistry> ticketRegistry;

    @Autowired
    @Qualifier("u2fService")
    private ObjectProvider<U2F> u2fService;

    @ConditionalOnClass({MultifactorAuthnTrustConfiguration.class})
    @ConditionalOnProperty(prefix = "cas.authn.mfa.u2f", name = {"trusted-device-enabled"}, havingValue = "true", matchIfMissing = true)
    @Configuration("u2fMultifactorTrustConfiguration")
    /* loaded from: input_file:org/apereo/cas/config/U2FWebflowConfiguration$U2FMultifactorTrustConfiguration.class */
    public class U2FMultifactorTrustConfiguration {
        public U2FMultifactorTrustConfiguration() {
        }

        @ConditionalOnMissingBean(name = {"u2fMultifactorTrustWebflowConfigurer"})
        @DependsOn({"defaultWebflowConfigurer", "u2fMultifactorWebflowConfigurer"})
        @Bean
        public CasWebflowConfigurer u2fMultifactorTrustWebflowConfigurer() {
            U2FMultifactorTrustedDeviceWebflowConfigurer u2FMultifactorTrustedDeviceWebflowConfigurer = new U2FMultifactorTrustedDeviceWebflowConfigurer((FlowBuilderServices) U2FWebflowConfiguration.this.flowBuilderServices.getObject(), (FlowDefinitionRegistry) U2FWebflowConfiguration.this.loginFlowDefinitionRegistry.getObject(), U2FWebflowConfiguration.this.u2fFlowRegistry(), U2FWebflowConfiguration.this.applicationContext, U2FWebflowConfiguration.this.casProperties, MultifactorAuthenticationWebflowUtils.getMultifactorAuthenticationWebflowCustomizers(U2FWebflowConfiguration.this.applicationContext));
            u2FMultifactorTrustedDeviceWebflowConfigurer.setOrder(101);
            return u2FMultifactorTrustedDeviceWebflowConfigurer;
        }

        @Bean
        public CasWebflowExecutionPlanConfigurer u2fMultifactorTrustCasWebflowExecutionPlanConfigurer() {
            return casWebflowExecutionPlan -> {
                casWebflowExecutionPlan.registerWebflowConfigurer(u2fMultifactorTrustWebflowConfigurer());
            };
        }
    }

    @ConditionalOnMissingBean(name = {"u2fFlowRegistry"})
    @Bean
    public FlowDefinitionRegistry u2fFlowRegistry() {
        FlowDefinitionRegistryBuilder flowDefinitionRegistryBuilder = new FlowDefinitionRegistryBuilder(this.applicationContext, (FlowBuilderServices) this.flowBuilderServices.getObject());
        flowDefinitionRegistryBuilder.setBasePath("classpath*:/webflow");
        flowDefinitionRegistryBuilder.addFlowLocationPattern("/mfa-u2f/*-webflow.xml");
        return flowDefinitionRegistryBuilder.build();
    }

    @ConditionalOnMissingBean(name = {"u2fAuthenticationWebflowAction"})
    @RefreshScope
    @Bean
    public Action u2fAuthenticationWebflowAction() {
        return new U2FAuthenticationWebflowAction(u2fAuthenticationWebflowEventResolver());
    }

    @ConditionalOnMissingBean(name = {"u2fMultifactorWebflowConfigurer"})
    @DependsOn({"defaultWebflowConfigurer"})
    @Bean
    public CasWebflowConfigurer u2fMultifactorWebflowConfigurer() {
        U2FMultifactorWebflowConfigurer u2FMultifactorWebflowConfigurer = new U2FMultifactorWebflowConfigurer((FlowBuilderServices) this.flowBuilderServices.getObject(), (FlowDefinitionRegistry) this.loginFlowDefinitionRegistry.getObject(), u2fFlowRegistry(), this.applicationContext, this.casProperties, MultifactorAuthenticationWebflowUtils.getMultifactorAuthenticationWebflowCustomizers(this.applicationContext));
        u2FMultifactorWebflowConfigurer.setOrder(WEBFLOW_CONFIGURER_ORDER);
        return u2FMultifactorWebflowConfigurer;
    }

    @ConditionalOnMissingBean(name = {"u2fStartAuthenticationAction"})
    @RefreshScope
    @Bean
    public Action u2fStartAuthenticationAction() {
        return new U2FStartAuthenticationAction((U2F) this.u2fService.getObject(), this.casProperties.getServer().getName(), (U2FDeviceRepository) this.u2fDeviceRepository.getObject());
    }

    @ConditionalOnMissingBean(name = {"u2fStartRegistrationAction"})
    @RefreshScope
    @Bean
    public Action u2fStartRegistrationAction() {
        return new U2FStartRegistrationAction((U2F) this.u2fService.getObject(), this.casProperties.getServer().getName(), (U2FDeviceRepository) this.u2fDeviceRepository.getObject());
    }

    @ConditionalOnMissingBean(name = {"u2fCheckAccountRegistrationAction"})
    @RefreshScope
    @Bean
    public Action u2fCheckAccountRegistrationAction() {
        return new U2FAccountCheckRegistrationAction((U2FDeviceRepository) this.u2fDeviceRepository.getObject());
    }

    @ConditionalOnMissingBean(name = {"u2fSaveAccountRegistrationAction"})
    @RefreshScope
    @Bean
    public Action u2fSaveAccountRegistrationAction() {
        return new U2FAccountSaveRegistrationAction((U2F) this.u2fService.getObject(), (U2FDeviceRepository) this.u2fDeviceRepository.getObject());
    }

    @ConditionalOnMissingBean(name = {"u2fAuthenticationWebflowEventResolver"})
    @RefreshScope
    @Bean
    public CasWebflowEventResolver u2fAuthenticationWebflowEventResolver() {
        return new U2FAuthenticationWebflowEventResolver(CasWebflowEventResolutionConfigurationContext.builder().authenticationSystemSupport((AuthenticationSystemSupport) this.authenticationSystemSupport.getObject()).centralAuthenticationService((CentralAuthenticationService) this.centralAuthenticationService.getObject()).servicesManager((ServicesManager) this.servicesManager.getObject()).ticketRegistrySupport((TicketRegistrySupport) this.ticketRegistrySupport.getObject()).warnCookieGenerator((CasCookieBuilder) this.warnCookieGenerator.getObject()).authenticationRequestServiceSelectionStrategies((AuthenticationServiceSelectionPlan) this.authenticationRequestServiceSelectionStrategies.getObject()).registeredServiceAccessStrategyEnforcer((AuditableExecution) this.registeredServiceAccessStrategyEnforcer.getObject()).casProperties(this.casProperties).ticketRegistry((TicketRegistry) this.ticketRegistry.getObject()).applicationContext(this.applicationContext).build());
    }

    @ConditionalOnMissingBean(name = {"u2fCasWebflowExecutionPlanConfigurer"})
    @Bean
    public CasWebflowExecutionPlanConfigurer u2fCasWebflowExecutionPlanConfigurer() {
        return casWebflowExecutionPlan -> {
            casWebflowExecutionPlan.registerWebflowConfigurer(u2fMultifactorWebflowConfigurer());
        };
    }

    @ConditionalOnAvailableEndpoint
    @Bean
    public U2FRegisteredDevicesEndpoint u2fRegisteredDevicesEndpoint() {
        return new U2FRegisteredDevicesEndpoint(this.casProperties, (U2FDeviceRepository) this.u2fDeviceRepository.getObject());
    }
}
